.Net中如何操作token权限?我想使用C#来确定分配给我的进程/线程令牌的权限并根据需要进行调整。例如,为了让我的程序重新启动计算机,它必须首先启用SeShutdownPrivilege权限。如何从托管代码安全地完成它?事实证明这无关紧要,因为它没有内置机制。不仅需要P/Invoke,而且您必须仔细编写代码以确保您不会通过启用它们来“泄漏”权限,然后快速禁用它们(如果您重新启动计算机,您将不会有问题)。有关描述的完整代码示例,请阅读MSDN杂志2005年3月的文章“MarkNovak在托管代码中可靠、安全和高效地管理权限”。下面是P/Invoke语句:以上是C#学习教程:Howtomanipulatetokenauthorityin.Net?如果分享的内容对你有用,需要了解更多C#学习教程,希望大家多多关注——usingSystem;使用System.Runtime.InteropServices;使用System.Runtime.ConstrainedExecution;名称空间privilegeclass{[[flags]内部枚举查询,写入=0x00020000|调整权限|调整组|调整默认,AllAccess=0x000F0000|分配小学|重复|冒充|查询|查询来源|调整权限|调整组|调整默认|AdjustSessionId,MaximumAllowed=0x02000000}internalenumSecurityImpersonationLevel{Anonymous=0,Identification=1,Impersonation=2,Delegation=3,}internalenumTokenType{Primary=1,Impersonation=2,}internalsealedclassNativeMethods{internalconstuintSE_PRIVILEGE_DISABLED=0x00000000;内部结构SE_PRIVILEGE_ENABLED=0x00000002;[StructLayout(LayoutKind.Sequential,CharSet=CharSet.Unicode)]内部结构LUID{内部uintLowPart;内部单位HighPart;}[StructLayout(LayoutKind.Sequential,CharSet=CharSet.Unicode)]internalstructLUID_AND_ATTRIBUTES{内部LUIDLuid;内部uint属性;}[StructLayout(LayoutKind.Sequential,CharSet=CharSet.Unicode)]internalstructTOKEN_PRIVILEGE{internaluintPrivilegeCount;内部LUID_AND_ATTRIBUTES特权;}内部常量字符串ADVAPI32="advapi32.dll";内部常量字符串KERNEL32="kernel32.dll";内部常量intERROR_SUCCESS=0x0;内部常量intERROR_ACCESS_DENIED=0x5;内部常量intERROR_NOT_ENOUGH_MEMORY=0x8;内部常量intERROR_NO_TOKEN=0x3f0;内部常量intERROR_NOT_ALL_ASSIGNED=0x514;内部常量intERROR_NO_SUCH_P特权=0x521;内部常量intERROR_CANT_OPEN_ANONYMOUS=0x543;[DllImport(KERNEL32,SetLastError=true)][ReliabilityContract(Consistency.WillNotCorruptState,Cer.MayFail)]internalstaticexternboolCloseHandle(IntPtrhandle);[dllimport(advapi32,charset=charset.unicode,setlasterror=true)]TOKEN_PRIVILEGENewState,[In]uintBufferLength,[In,Out]refTOKEN_PRIVILEGEPreviousState,[In,Out]refuintReturnLength);[DllImport(ADVAPI32,CharSet=CharSet.Auto,SetLastError=true)][ReliabilityContract(Consistency.WillNotCorruptState,Cer.MayFail)]internalstaticexternboolRevertToSelf();[DllImport(ADVAPI32,EntryPoint="LookupPrivilegeValueW",CharSet=CharSet.Auto,SetLastError=true)][ReliabilityContract(Consistency.WillNotCorruptState,Cer.MayFail)]internalstaticexternboolLookupPrivilegeValue([In]stringlpSystemName,[In]stringlpName,[In,Out]refLUIDLuid);[DllImport(KERNEL32,CharSet=CharSet.Auto,SetLastError=true)][ReliabilityContract(Consistency.WillNotCorruptState,Cer.MayFail)]internalstaticexternIntPtrGetCurrentProcess();[DllImport(KERNEL32,CharSet=CharSet.Auto,SetLastError=true)][ReliabilityContract(Consistency.WillNotCorruptState,Cer.MayFail)]internalstaticexternIntPtrGetCurrentThread();[DllImport(ADVAPI32,CharSet=CharSet.Unicode,SetLastError=true)][ReliabilityContract(Consistency.WillNotCorruptState,Cer.MayFail)]internalstaticexternboolOpenProcessToken([In]IntPtrProcessToken,[In]TokenAccessLevelsDesiredAccess,[In,Out]]refsafetkenhandletokenhandle);[DllImport(ADVAPI32,CharSet=CharSet.Unicode,SetLastError=true)][ReliabilityContract(Consistency.WillNotCorruptState,Cer.MayFail)]internalstaticexternboolOpenThreadToken([In]IntPtrThreadToken,[In]TokenAccessLevelsDesiredAccess,[In]boolOpenAsSelf,[In,Out]refSafeTokenHandleTokenHandle);[dllimport(advapi32,charset=charset.unicode,setlasterror=true)]TokenAttributes,[In]SecurityImpersonationLevelImpersonationLevel,[In]TokenTypeTokenType,[In,Out]refSafeTokenHandleNewToken);[dllimport(advapi32,charset=charset.unicode,setlastror=true)]staticNativeMethods(){}}}本文收集自网络,不代表立场。如涉及侵权,请点击右侧联系管理员删除。如有转载请注明出处:
